Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2011-2422

    Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %9.87
    • Published: Aug. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-0048

    Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.... Read more

    Affected Products : linux rsync
    • EPSS Score: %69.46
    • Published: Feb. 27, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-2123

    Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.3 up to 10.1.3.2.0, 10.1.2 up to 10.1.2.2.0, and 9.0.4.3 has unknown impact and attack vectors, aka AS04.... Read more

    Affected Products : application_server
    • EPSS Score: %1.12
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2415

    Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary c... Read more

    • EPSS Score: %13.36
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-0495

    csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.... Read more

    Affected Products : cssearch_professional
    • EPSS Score: %15.15
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-2397

    The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted opcode 13 request that triggers use of the LaunchCompoundFileAnalyzer class to send request data to the System.getRunTime.exec method.... Read more

    Affected Products : connected_backup
    • EPSS Score: %4.69
    • Published: Dec. 05, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2417

    Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a deni... Read more

    • EPSS Score: %9.78
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4683

    Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue."... Read more

    Affected Products : opera_browser
    • EPSS Score: %0.54
    • Published: Dec. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2002-1629

    Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP.... Read more

    Affected Products : proxyserver
    • EPSS Score: %1.27
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-4743

    The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buf... Read more

    Affected Products : kerberos_5
    • EPSS Score: %22.27
    • Published: Sep. 06, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2331

    Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %23.86
    • Published: Jun. 02, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2425

    Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a deni... Read more

    • EPSS Score: %9.78
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4659

    Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSC... Read more

    • EPSS Score: %0.86
    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2375

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via un... Read more

    Affected Products : firefox thunderbird
    • EPSS Score: %2.01
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-6200

    Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified... Read more

    Affected Products : slackware_linux rsync
    • EPSS Score: %2.04
    • Published: Dec. 01, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5331

    Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which ... Read more

    • EPSS Score: %16.34
    • Published: Oct. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5332

    Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption.... Read more

    • EPSS Score: %18.47
    • Published: Oct. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4480

    Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that... Read more

    Affected Products : edirectory
    • EPSS Score: %26.52
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5902

    Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.... Read more

    Affected Products : kerberos_5 kerberos
    • EPSS Score: %4.00
    • Published: Dec. 06, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2416

    Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary ... Read more

    • EPSS Score: %4.53
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 292733 Results